By the time you are reading this guidance, your business has likely been operating under a shelter in place order or perhaps even a governmental quarantine in response to the Coronavirus pandemic, and your staff has been operating remotely for an extended period. While it may be too soon to fully assess whether remote access and teleworking is functioning optimally for your business, it is not too soon to ensure that the process of remote access and telework is being undertaken on the enterprise level in a safe and diligent fashion. Indeed, this is a responsibility that should be addressed from the Board of Directors and C-suite level down to the factory floor.
While the topic of remote access and its impact on cybersecurity could fill up volumes, there are two aspects of remote access and telework that businesses of all sizes need to acknowledge and address immediately. First, while remote access and telework were on the rise before the Coronavirus Pandemic, they are now most assuredly an integral part of your business for the foreseeable future. Your customers and staff expect you to be able to keep your business open through remote operations, and the harsh reality is that businesses that cannot operate remotely in some capacity have less chance of success during periods of shelter in place orders, governmental quarantines and social distancing.
Second, with more staff utilizing remote access and telework during the pandemic, the likelihood of your business’s information technology and the data stored thereon being exposed through cyber-breaches and attacks has grown exponentially. There are countless articles explaining the inherent dangers of remote access and telework, but the theme that permeates them all is that working remotely comes with its own set of dangers and that hackers and cybercriminals who have already been relentlessly attacking businesses through email and phishing scams, DDoS attacks, ransomware and social engineering, have already increased their attacks on businesses using remote access. Simple changes in your staff’s routines caused by new procedures can throw them off balance and create an opportunity for a hacker to exploit.